[FW1] SP7 install or How I spent my Saturday

Mon, 07 Aug 2000 10:38:56 -0700 


I am running Firewall-1 V 4.0 on a Solaris 2.6 box.  I installed SP 7 over
SP 3 this weekend and the following is a transcript of the problems I ran
into.

First, the patchadd command kept failing in the prepatch stage.  The error
was completely incomprehensible as it said "<long path>/checkinstall:<long
path>/checkinstall cannot open".  I was running it as root so this took a
while to figure out but luckily I was able to find the problem in the
knowledge base on the Checkpoint web site.  It seems that the patchadd
command cannot handle long paths.  I moved everything to a directory on root
called x and everything patched very nicely, or so I thought.

Second, the patch succeeded and told me to reboot.  When the machine came
back up, it tried to load the rule base and failed, saying it could not find
any interfaces except  loopback (lo),  This consumed a good 30 minutes and I
even went so far as to roll the patch back but I still had the same problem.
Well, with the firewall down, I can't get to Checkpoint's web site thru the
normal methods.  Luckily, I had installed my home ISP on a standalone PC
with a modem and was able to get to their web site and found the solution
once more in their knowledge base.  I had to remove the product.conf file
and rerun fwconfig.  It acts like the first time you ever set it up and will
recognize all your interfaces.  

I then reinstalled the patch and when I rebooted this time everything was
fine, or so I thought.  I did several test from inside and outside the
firewall and everything seemed fine so I went home

However, when I got in today, I found that the file and group owners of my
log files had been changed.  I run a log grabber from another machine as a
non-root user and this was failing.  I now believe that was a result of
running fwconfig and not the patch.

Anyway, everything seems to be working now.  I just thought some of you
could benefit from my problems if you haven't done it yet.

Jim Edwards
Systems Manager
Texas Secretary of State




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to